ci: publish daemonless multi-arch images #50

Merged

gofix merged 2 commits from ci/kaniko-multi-arch-images into master

2026-05-03 14:16:48 +00:00

gofix commented

2026-05-03 14:01:59 +00:00

Owner

Summary

build amd64 and arm64 images with the existing Kaniko-based, daemonless workflow
push arch-specific tags first, then publish multi-arch version/latest manifests with crane
enable Kaniko remote layer caching in per-architecture cache repositories

Runner requirements

amd64 image build requires a runner with both docker and amd64 labels
arm64 image build requires a runner with both docker and arm64 labels
the publish job can run on any existing docker runner and does not need Docker socket access

Validation

parsed .forgejo/workflows/container-image.yml with PyYAML
ran git diff --check
ran docker buildx build --check for linux/amd64 and linux/arm64
ran Kaniko --no-push on arm64 until it reached the Rust compile step; this confirmed the Dockerfile parses and runs under Kaniko natively

## Summary - build amd64 and arm64 images with the existing Kaniko-based, daemonless workflow - push arch-specific tags first, then publish multi-arch version/latest manifests with crane - enable Kaniko remote layer caching in per-architecture cache repositories ## Runner requirements - amd64 image build requires a runner with both `docker` and `amd64` labels - arm64 image build requires a runner with both `docker` and `arm64` labels - the publish job can run on any existing `docker` runner and does not need Docker socket access ## Validation - parsed `.forgejo/workflows/container-image.yml` with PyYAML - ran `git diff --check` - ran `docker buildx build --check` for `linux/amd64` and `linux/arm64` - ran Kaniko `--no-push` on arm64 until it reached the Rust compile step; this confirmed the Dockerfile parses and runs under Kaniko natively

gofix added 1 commit

2026-05-03 14:01:59 +00:00

ci: publish daemonless multi-arch images

Rust CI / Format, lint, and test (pull_request) Successful in 44s

Details

e72790be2b

gofix added 1 commit

2026-05-03 14:14:03 +00:00

ci: document qemu-capable amd64 runner

Rust CI / Format, lint, and test (pull_request) Successful in 1m13s

Details

791ebc4621

gofix commented

2026-05-03 14:15:48 +00:00

Author

Owner

openclaw runner setup completed.

forgejo-runner-gofix now declares docker, amd64, and arm64 labels.
Workflow job containers still do not receive Docker daemon access: runner config keeps container.docker_host: "-".
amd64 builds are supported on the arm64 openclaw host through host-level qemu/binfmt registration.
Added and enabled forgejo-runner-binfmt.service so amd64 binfmt is re-registered after Docker starts.
Verified through DIND: linux/amd64 runs as x86_64, linux/arm64 runs as aarch64.
Kaniko amd64 smoke test reached the amd64 apt-get RUN step without exec format error.

openclaw runner setup completed. - `forgejo-runner-gofix` now declares `docker`, `amd64`, and `arm64` labels. - Workflow job containers still do not receive Docker daemon access: runner config keeps `container.docker_host: "-"`. - `amd64` builds are supported on the arm64 openclaw host through host-level qemu/binfmt registration. - Added and enabled `forgejo-runner-binfmt.service` so amd64 binfmt is re-registered after Docker starts. - Verified through DIND: `linux/amd64` runs as `x86_64`, `linux/arm64` runs as `aarch64`. - Kaniko amd64 smoke test reached the amd64 `apt-get` RUN step without `exec format error`.

gofix merged commit 639faecd95 into master

2026-05-03 14:16:48 +00:00

gofix referenced this pull request from a commit

2026-05-03 14:16:50 +00:00

ci: publish daemonless multi-arch images (#50)

gofix referenced this pull request

2026-05-03 15:26:08 +00:00

ci: amd64 container image build fails deterministically (release v2.1.8+rs.1 blocked) #53

gofix referenced this pull request

2026-05-03 15:38:10 +00:00

ci: published arm64 image runs without file capabilities (rly.best deploy crashes) #54